CVE-2025-35979

A flaw was found in the kernel. This vulnerability, affecting some IntelR Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root guest operation. An unprivileged software adversary with an authenticated user can exploit this locally ...

Updated microcode package fixes security vulnerability

The updated package fixes a security vulnerability: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. CVE-2025-35979...

MGASA-2026-0161 Updated microcode package fixes security vulnerability

The updated package fixes a security vulnerability: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. CVE-2025-35979...

CVE-2026-46174 x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50275)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50275 advisory. - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39368252 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fixed a situation where a hard lockup occurs in the virtual machine after prolonged inactivity, caused by the periodic HV timer. When advancing the target expiration of the guest’s APIC timer in periodic mode, set the...

Astra Linux - уязвимость в linux, linux-5.15

When SMT is enabled, certain AMD processors may speculateively execute instructions using a target from the sibling thread after a SMT mode switch, which may potentially lead to information disclosure...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/srso: Added SRSO mitigation for Hygon processors. Added mitigation for the speculative return stack overflow vulnerability, which also exists on Hygon processors...

Astra Linux - уязвимость в linux-5.10, linux

The non-transparent sharing of return predictor targets between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...

Astra Linux - уязвимость в linux-5.15, linux-6.1

Hardware logic with insecure de-synchronization in IntelR DSA and IntelR IAA for some IntelR 4th or 5th generation XeonR processors may allow an authorized user to potentially enable escalation of privilege local access...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A crash occurred during the disabling of turbo mode. When the system is booted with the kernel command line arguments “nosmt” or “maxcpus” to limit the number of CPUs, disabling turbo mode by executing: echo...

Amazon Linux 2023 : microcode_ctl (ALAS2023-2026-1675)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1675 advisory. Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high...

ALPINE-CVE-2025-54518

Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation...

SUSE CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading SMT. By measuring the contention level on scheduler queues an attacker may potentially leak sensitive...

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from unsafe default configuration states of DDR5 memory modules. These vulnerabilities could allow attackers with local user privileges to...

AMD Processors 资源管理错误漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There is a resource management vulnerability in AMD Processors, which stems from improper input validation. This vulnerability may allow local attackers to trigger a reuse of freed resources, resulting in...

AMD多款产品 输入验证错误漏洞

The AMD Ryzen is a central processing unit CPU developed by American semiconductor company AMD. Several AMD products have a vulnerability related to input validation. This vulnerability arises due to improper input validation, which may allow attackers to unmapped any memory page, thereby affecti...

AMD多款产品 安全漏洞

The AMD Ryzen is a central processing unit CPU developed by American semiconductor company AMD. Several AMD products have security vulnerabilities; these vulnerabilities stem from the lack of checking return values, which may allow attackers to write arbitrary memory addresses, resulting in...

SUSE CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

EUVD-2025-209791

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...